CVEs-PoC/2013/CVE-2013-5576.md at 860e02050fe0cfa14d092faefbaafd5bd449bbcb

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-20 16:24:42 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.

POC

Reference

http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites/
http://www.kb.cert.org/vuls/id/639620
https://github.com/joomla/joomla-cms/commit/fa5645208eefd70f521cd2e4d53d5378622133d8

Github

https://github.com/ARPSyndicate/cve-scores

1020 B Raw Blame History

CVE-2013-5576

Description

POC

Reference

Github

1020 B

Raw Blame History